You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I can't find anything in the README about how this plugin deals with ssh host keys of newly created droplets.
Droplet images usually don't contain ssh host keys (for good reason) such that a unique ssh host key is generated on first boot. But then you have the problem that you (while deploying) don't know the fingerprint of that new key. Which makes you prone to Man-in-the-middle attacks.
This plugin could deal with this issue in the following ways:
(a) generate an ssh host key on the vagrant host and deploy it over the DigitalOcean API. Then the host-key fingerprint is known and one can detect a MITM attack, even on the first connect.
(b) disable strict-host-key-checking on the first ssh connection, but after that (e.g. with a user-initiated vagrant ssh) do strict host key checking against the first seen fingerprint (TOFU - trust on first use)
(c) disable strict-host-key-checking on all ssh connections established by this plugin
I suspect that this plugin implements (b) or (c).
Looking at the Vagrant log file I see rsync calls containing StrictHostKeyChecking=no - thus I assume that it's also disabled when executing the provisioning script or when doing vagrant ssh.
Please clarify how this plugin checks ssh host keys.
The text was updated successfully, but these errors were encountered:
I can't find anything in the README about how this plugin deals with ssh host keys of newly created droplets.
Droplet images usually don't contain ssh host keys (for good reason) such that a unique ssh host key is generated on first boot. But then you have the problem that you (while deploying) don't know the fingerprint of that new key. Which makes you prone to Man-in-the-middle attacks.
This plugin could deal with this issue in the following ways:
vagrant ssh) do strict host key checking against the first seen fingerprint (TOFU - trust on first use)I suspect that this plugin implements (b) or (c).
Looking at the Vagrant log file I see rsync calls containing
StrictHostKeyChecking=no- thus I assume that it's also disabled when executing the provisioning script or when doingvagrant ssh.Please clarify how this plugin checks ssh host keys.
The text was updated successfully, but these errors were encountered: